Digital resilience affected by NCSC withholding information

Digital resilience affected by NCSC withholding information

2020-08-18 Artikel achterhouden hack informatieTuesday 18 August 2020

In response to the article in the Financieele Dagblad of last August 17th with the title "The government knew who was vulnerable, but still allowed companies to be hacked. The government throws away information about hacks from companies", CIO Platform Nederland is calling on the government today to never let this happen again. And to take up its role for the digital resilience of Dutch society.

According to the FD, a cybercriminal has recently hacked several Dutch companies and put passwords online. The Ministry of Justice and Security had been explicitly warned in advance that many of these organizations were at risk but did nothing with the information received. The companies would be 'not vital'.*

The article continues that the NCSC (National Cyber ​​Security Center, ed.) has done everything to inform organizations within the “legal possibilities”. Unfortunately, “organizations outside the legal mandate cannot be informed by the NCSC.

Ronald Verbeek, general director of CIO Platform Nederland, states that the government could have prevented a lot of damage to parties if it had shared the information and had not withheld it. It should not be the case that, because the government has imposed too many restrictions on itself in legally establishing and adhering too tightly to the scope of the NCSC, other companies and organizations will suffer.

The Ministry of Justice and Security could solve this problem by either broadening the scope of the NCSC** for such cases, as they wrote this law themselves, or by sending such information to parties outside its scope via the DTC*** (Digital Trust Center). The center was created precisely for that.

CIO Platform Nederland calls on the Ministry of Justice and Security to prevent further damage to the business community by never letting this happen again. And to take its responsibility by coming up with a targeted solution immediately (rather in weeks than in months). The Minister of Justice and Security is always happy to point the business community to cyber security responsibilities, and rightly so, but this is a situation where he can quickly take steps to make Dutch companies cyber safer.

CIO Platform Nederland 

Ronald Verbeek, Algemeen Directeur

Footnotes

*   The FD article (in Dutch): https://fd.nl/ondernemen/1353350/overheid-wist-wie-kwetsbaar-was-maar-liet-bedrijven-toch-gehackt-worden

**  The legal task of NCSC (in Dutch): https://www.ncsc.nl/over-ncsc/wettelijke-taak

*** The scope of DTC: https://www.digitaltrustcenter.nl/over-het-digital-trust-center

« Back

More news

CIOTV #75 What about the maturity of digital transformations? With Martijn Koning and Arthur Govaert

ciotv 75 martijn en arthurMonday 04 July 2022 In this special seventy-fifth episode of CIOTV, current chairman Martijn Koning (Chief Digital & Sustainability Officer AutoBinck Group) and former chairman Arthur Govaert (VP Innovation Program ... full story

Fair Principle 3: Customers shall remain in control of their own data and all the data uploaded or processed by the service/solution.

Fair Principle 3Thursday 30 June 2022 Business users associations Beltug, Voice, Cigref and CIO Platform Nederland call for a balanced cloud market: 11 fair principles to unleash Europe’s digital potential. Fair principle 3 calls for customers to remain in control of their own data and all the data uploaded or processed by the service/solution. full story

Fair Principle 2: Vendors must not create a technical or commercial lock-in

Fair Principles 2Thursday 23 June 2022 Business users associations Beltug, Voice, Cigref and CIO Platform Nederland call for a balanced cloud market: 11 fair principles to unleash Europe’s digital potential. Fair principle 2 calls for every vendor to avoid creating a technical or commercial lock-in. full story

Urgent call to European Commission regarding the European Cybersecurity Certification Scheme for Cloud Services (EUCS)

2021-05-18 Terugkoppeling gesprek met Europese Commissie over digitale technologiebeleid.pngWednesday 22 June 2022 CIO Platform Nederland calls on the European Commission not to adopt the EUCS until the consequences for business users in industry and government in Europe have been thoroughly investigated, a consultation of stakeholders has taken place and the responsible political bodies have weighed up the digital autonomy, costs and benefits of a decision. full story

View all news items through the archive

Close